"Drupal is a free software package that allows an individual or a community of users to
easily publish, manage, and organize a wide variety of content on a web site."

Friday, August 3, 2012

Module - Safer Login

This module encrypts the user's password when they type it in during
login, so a 3rd party up to no good can't see the user's plain text
password (as is currently the case with Drupal logins).
Encryption is accomplished by replacing what the user enters for
their password with a uniquely-salted MD5 hash of the MD5 hash of what
they typed (so it is 2-layers deep). If the user does not have
JavaScript enabled, then the default Drupal behavior (no hashing) still
works.
Of course, this is no substitute for an SSL certificate on your
server, as that would protect all form submissions, as well as prevent
other types of attacks. This module is intended for those who desire
password security, but either cannot afford a certificate, or only need
basic protection from hackers during login.